CVE-2020-36895
- EPSS 0.32%
- Veröffentlicht 10.12.2025 20:54:29
- Zuletzt bearbeitet 17.12.2025 19:22:45
EIBIZ i-Media Server Digital Signage 3.8.0 contains an unauthenticated configuration disclosure vulnerability that allows remote attackers to access sensitive configuration files via direct object reference. Attackers can retrieve the SiteConfig.prop...
CVE-2020-36894
- EPSS 0.58%
- Veröffentlicht 10.12.2025 20:53:33
- Zuletzt bearbeitet 17.12.2025 19:25:23
Eibiz i-Media Server Digital Signage 3.8.0 contains an authentication bypass vulnerability that allows unauthenticated attackers to create admin users through AMF-encoded object manipulation. Attackers can send crafted serialized objects to the /mess...
CVE-2020-36893
- EPSS 10.4%
- Veröffentlicht 10.12.2025 20:52:52
- Zuletzt bearbeitet 17.12.2025 19:26:08
Eibiz i-Media Server Digital Signage 3.8.0 contains a directory traversal vulnerability that allows unauthenticated remote attackers to access files outside the server's root directory. Attackers can exploit the 'oldfile' GET parameter to view sensit...
CVE-2020-36892
- EPSS 0.52%
- Veröffentlicht 10.12.2025 20:52:17
- Zuletzt bearbeitet 17.12.2025 16:38:28
Eibiz i-Media Server Digital Signage 3.8.0 contains an unauthenticated privilege escalation vulnerability in the updateUser object that allows attackers to modify user roles. Attackers can exploit the /messagebroker/amf endpoint to elevate privileges...